OSDN Git Service

(root) / android-x86 / hardware-interfaces.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b96a339)
biometrics: fingerprint: add locking to default impl
authorNick Desaulniers <ndesaulniers@google.com>
Fri, 18 Aug 2017 17:00:44 +0000 (10:00 -0700)
committerNick Desaulniers <ndesaulniers@google.com>
Fri, 18 Aug 2017 17:14:53 +0000 (17:14 +0000)
There exists the following race condition:
a). thread A receives setNotify and sets the callback to some object
b). thread B of the wrapped implementation calls
BiometricsFingerprint::notify which it was given a handle to. Thread B
executes past the nullptr check:
c). thread A receives setNotify and sets the callback to some other
object (or nullptr)
d). thread B resumes in notify with unknown state

Add mutex to protect access to mClientCallback.

Change-Id: I9163204ff5802e9246056caeb2a7857e6138531c
Fixes: 64802340
Test: VtsHalBiometricsFingerprintV2_1IfaceFuzzer

biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp patch | blob | history
biometrics/fingerprint/2.1/default/BiometricsFingerprint.h patch | blob | history

diff --git a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
index c6774ca..f687959 100644 (file)
--- a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
+++ b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp
@@ -145,6 +145,7 @@ FingerprintAcquiredInfo BiometricsFingerprint::VendorAcquiredFilter(
 
 Return<uint64_t> BiometricsFingerprint::setNotify(
         const sp<IBiometricsFingerprintClientCallback>& clientCallback) {
+    std::lock_guard<std::mutex> lock(mClientCallbackMutex);
     mClientCallback = clientCallback;
     // This is here because HAL 2.1 doesn't have a way to propagate a
     // unique token for its driver. Subsequent versions should send a unique
@@ -259,6 +260,7 @@ fingerprint_device_t* BiometricsFingerprint::openHal() {
 void BiometricsFingerprint::notify(const fingerprint_msg_t *msg) {
     BiometricsFingerprint* thisPtr = static_cast<BiometricsFingerprint*>(
             BiometricsFingerprint::getInstance());
+    std::lock_guard<std::mutex> lock(thisPtr->mClientCallbackMutex);
     if (thisPtr == nullptr || thisPtr->mClientCallback == nullptr) {
         ALOGE("Receiving callbacks before the client callback is registered.");
         return;
diff --git a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h
index 5923c84..6d64e3d 100644 (file)
--- a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h
+++ b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.h
@@ -69,6 +69,7 @@ private:
     static FingerprintAcquiredInfo VendorAcquiredFilter(int32_t error, int32_t* vendorCode);
     static BiometricsFingerprint* sInstance;
 
+    std::mutex mClientCallbackMutex;
     sp<IBiometricsFingerprintClientCallback> mClientCallback;
     fingerprint_device_t *mDevice;
 };
hardware/interfaces
About OSDN
Find Software
Develop Software
Help